Certificate of Cloud Auditing Knowledge (CCAK) — Question 28

After finding a vulnerability in an internet-facing server of an organization, a cybersecurity criminal is able to access an encrypted file system and successfully manages to overwrite part of some files with random data. In reference to the Top Threats Analysis methodology, how would you categorize the technical impact of this incident?

Answer options

• A. As an integrity breach
• B. As control breach
• C. As an availability breach
• D. As a confidentiality breach

Correct answer: A

Explanation

The correct answer is A, as the incident involves altering data, which directly impacts the integrity of the files. Options B, C, and D do not apply because the breach does not relate to control mechanisms, availability of services, or the confidentiality of the information itself.